package com.sentiment.shiro;

import java.io.IOException;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

import org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter;

public class URLPermissionsFilter extends PermissionsAuthorizationFilter{

	public boolean isAccessAllowed(ServletRequest request,  
            ServletResponse response, Object mappedValue) throws IOException {  
         return super.isAccessAllowed(request, response, buildPermissions(request));  
    }  
    /** 
     * 根据请求URL产生权限字符串，这里只产生，而比对的事交给Realm 
     * @param request 
     * @return 
     */  
    protected String[] buildPermissions(ServletRequest request) {  
        String[] perms = new String[1];  
        HttpServletRequest req = (HttpServletRequest) request;  
        String path = req.getServletPath();
        path = path.replaceAll("\\?.*","");
        perms[0] = path;//path直接作为权限字符串  
//        String regex = "/(.*?)/(.*?)\\.(.*)"; 
//        if(url.matches(regex)){ 
//            Pattern pattern = Pattern.compile(regex); 
//            Matcher matcher = pattern.matcher(url); 
//            String controller =  matcher.group(1); 
//            String action = matcher.group(2); 
//             
//        }
        System.out.println(path);
        return perms;  
    }  
	
}
